We agree, as well. On Thu, Dec 16, 2010 at 11:24 AM, Mayo, Bill <bem...@pittcountync.gov>wrote:
> Bill agrees. > > ------------------------------ > *From:* Steven M. Caesare [mailto:scaes...@caesare.com] > *Sent:* Thursday, December 16, 2010 11:16 AM > > *To:* NT System Admin Issues > *Subject:* RE: System Tool 2011 malware > > Email accounts are cheap these days. > > > > -sc > > > > *From:* VIPCS [mailto:vi...@stny.rr.com] > *Sent:* Wednesday, December 15, 2010 1:59 PM > *To:* NT System Admin Issues > *Subject:* RE: System Tool 2011 malware > > > > Because it is a shared account, Jeffrey does indeed talk in the third > person (if he used āIā, you would not know who the āIā was, now would you * > *grin**?). > > > > Sincerely, > > > > Jeffrey and Mary Jane Harris > > VIPCS > > > ------------------------------ > > *From:* Sean Martin [mailto:seanmarti...@gmail.com] > *Sent:* Wednesday, December 15, 2010 1:25 PM > *To:* NT System Admin Issues > *Subject:* Re: System Tool 2011 malware > > > > I'm quite sure this is a husband and wife sharing the same account, but I > can't help but imagine "Jeffrey" talking in the third person. :) > > > > Happy Holidays! > > > > - Sean > > On Wed, Dec 15, 2010 at 7:51 AM, VIPCS <vi...@stny.rr.com> wrote: > > Jeffrey had to fix malware on a user's system that infected the keyboard > drivers, and prevent any keyboard from being used. Combofix was the only > tool that detected and fixed the issue (Jeffrey tried Vipre, Vipre Rescue, > MalwareBytes, and the Microsoft Malicious Software Removal Tool). > > That Vipre never even detected the malware concerned Jeffrey more than > anything else, even though Jeffrey knew it was malware because of numerous > reports on the Internet of other users with the same issue. > > > Sincerely, > > Jeffrey and Mary Jane Harris > VIPCS > > > -----Original Message----- > > From: Kramer, Jack [mailto:jack.kra...@ur.msu.edu] > Sent: Wednesday, December 15, 2010 11:07 AM > To: NT System Admin Issues > Subject: Re: System Tool 2011 malware > > Don't forget combofix - taken care of some things that can't be cleaned > otherwise. > > ---- > Jack Kramer > Computer Systems Specialist > University Relations, Michigan State University > w: 517-884-1231 / c: 248-635-4955 > > > > > On 12/15/10 10:37 AM, "John Aldrich" <jaldr...@blueridgecarpet.com> wrote: > > >Thanks for the info, guys... I downloaded it and will start using it as > >part > >of my regular troubleshooting/cleaning toolkit. :-) > > > > > > > >From: Scott Weber [mailto:swe...@thanksal.com] > >Sent: Wednesday, December 15, 2010 10:24 AM > >To: NT System Admin Issues > >Subject: RE: System Tool 2011 malware > > > >James, > >Recently (this past weekend) found out about secunia PSI and I like it. > > > >+1 > > > >Scott > > > > > >From: James Rankin [mailto:kz2...@googlemail.com] > >Sent: Wednesday, December 15, 2010 7:53 AM > >To: NT System Admin Issues > >Subject: Re: System Tool 2011 malware > > > >Secunia PSI FTW....I've got that down as part of the "standard" toolset I > >put on home users' PCs now. It's also not too hard to use, which is a big > >plus for these kind of jobs > >On 15 December 2010 13:50, Erik Goldoff <egold...@gmail.com> wrote: > >I wonder the status of patching on his system, not just Microsoft but > >Adobe > >and other applications. I've seen a bit of these fake av type malware > >gems > >arrive via suspected 'drive by' website visits, possibly from hitting > >flash/shockwave vulnerabilities on linked animated advertisements. > > > > > >Erik Goldoff > >IT Consultant > >Systems, Networks, & Security > > > >' Security is an ongoing process, not a one time event ! ' > > > > > > > >-----Original Message----- > >From: James Kerr [mailto:cluster...@gmail.com] > >Sent: Wednesday, December 15, 2010 8:42 AM > >To: NT System Admin Issues > >Subject: Re: System Tool 2011 malware > >I had a user get that crap on his PC on Tuesday and it disabled Vipre > >Enterprise also. The user swears he didn't click on anything and was on > >MSNBCs site. He was about to get a new PC anyway so I'm not bothering to > >clean. Its not the first time that user got one of those fake AVs, or the > >second for that matter. > > > >James > > > >----- Original Message ----- > >From: "John Aldrich" <jaldr...@blueridgecarpet.com> > >To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com> > >Sent: Wednesday, December 15, 2010 5:21 AM > >Subject: Re: System Tool 2011 malware > >> On Tue December 14 2010, you wrote: > >>> Hi John, > >>> > >>> User know where they were surfing when it hit? > >>> > >>> Samples can be submitted here: > >>> > >>> http://www.sunbeltsecurity.com/threat > >>> > >>> If you want assistance with removal check the box that says "I need > >>>help > >>> ....." Someone will be happy to help. > >>> > >>> We're releasing defs something like 13x/day now so shouldn't be too > >>>long > >>> to get updates for that critter. > >>> > >> Thanks, Tammy. I was more concerned that neither Vipre Rescue nor Vipre > >> Home caught it...what's more, it disabled Vipre Home. I'll see if I can > >> get > >> access to the zipped sample so I can resubmit. > >> > >> Thanks! > >> > >> -- > >> Thanks, > >> John Aldrich > >> Blueridge Industries > >> IT Manager > >> > >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > >> > >> --- > >> To manage subscriptions click here: > >> http://lyris.sunbelt-software.com/read/my_forums/ > >> or send an email to listmana...@lyris.sunbeltsoftware.com > >> with the body: unsubscribe ntsysadmin > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > >--- > >To manage subscriptions click here: > >http://lyris.sunbelt-software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > >with the body: unsubscribe ntsysadmin > > > > > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > >--- > >To manage subscriptions click here: > >http://lyris.sunbelt-software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > >with the body: unsubscribe ntsysadmin > > > > > > > >-- > >"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into > >the machine wrong figures, will the right answers come out?' I am not able > >rightly to apprehend the kind of confusion of ideas that could provoke > >such > >a question." > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > >--- > >To manage subscriptions click here: > >http://lyris.sunbelt-software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > >with the body: unsubscribe ntsysadmin > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > >--- > >To manage subscriptions click here: > >http://lyris.sunbelt-software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > >with the body: unsubscribe ntsysadmin > > > > > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > >--- > >To manage subscriptions click here: > >http://lyris.sunbelt-software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > >with the body: unsubscribe ntsysadmin > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin